Mobile commerce (mCommerce) security. An appraisal of current issues and trends

Millions of data capable mobile devices are currently in use around the world enabled by the growing acceptance of Internet over wireless networks. However, security mechanisms still remain nascent. Security plays a crucial role in facilitating the level of trust users place on mobile devices and applications. To effectively diffuse the mobile devices in the marketplace, sufficient levels of trust has to be established in the underlying security of mobile devices and applications. This paper is an appraisal of recent issues and emerging trends regarding mobile security, within the context of conducting mobile commerce via mobile networks by individual consumers and businesses.<br /

Secure Routing Protocol for Integrated UMTS and WLAN Ad Hoc Networks

The integrated UMTS and WLAN ad hoc networks are getting more and more popular as they hold substantial advantages by next generation networks. We introduce a new secure, robust routing protocol specifically designed for next generation technologies and evaluated its performance. The design of the SNAuth_SPERIPv2 secure routing protocol takes advantage to the integrated network, maintaining Quality of Service (QoS) under Wormhole Attack (WHA). This paper compares performance of newly developed secure routing protocol with other security schemes for CBR video streaming service under WHA

Remote software upload techniques in future vehicles and their performance analysis

Updating software in vehicle Electronic Control Units (ECUs) will become a mandatory requirement for a variety of reasons, for examples, to update/fix functionality of an existing system, add new functionality, remove software bugs and to cope up with ITS infrastructure. Software modules of advanced vehicles can be updated using Remote Software Upload (RSU) technique. The RSU employs infrastructure-based wireless communication technique where the software supplier sends the software to the targeted vehicle via a roadside Base Station (BS). However, security is critically important in RSU to avoid any disasters due to malfunctions of the vehicle or to protect the proprietary algorithms from hackers, competitors or people with malicious intent. In this thesis, a mechanism of secure software upload in advanced vehicles is presented which employs mutual authentication of the software provider and the vehicle using a pre-shared authentication key before sending the software. The software packets are sent encrypted with a secret key along with the Message Digest (MD). In order to increase the security level, it is proposed the vehicle to receive more than one copy of the software along with the MD in each copy. The vehicle will install the new software only when it receives more than one identical copies of the software. In order to validate the proposition, analytical expressions of average number of packet transmissions for successful software update is determined. Different cases are investigated depending on the vehicle\u27s buffer size and verification methods. The analytical and simulation results show that it is sufficient to send two copies of the software to the vehicle to thwart any security attack while uploading the software. The above mentioned unicast method for RSU is suitable when software needs to be uploaded to a single vehicle. Since multicasting is the most efficient method of group communication, updating software in an ECU of a large number of vehicles could benefit from it. However, like the unicast RSU, the security requirements of multicast communication, i.e., authenticity, confidentiality and integrity of the software transmitted and access control of the group members is challenging. In this thesis, an infrastructure-based mobile multicasting for RSU in vehicle ECUs is proposed where an ECU receives the software from a remote software distribution center using the road side BSs as gateways. The Vehicular Software Distribution Network (VSDN) is divided into small regions administered by a Regional Group Manager (RGM). Two multicast Group Key Management (GKM) techniques are proposed based on the degree of trust on the BSs named Fully-trusted (FT) and Semi-trusted (ST) systems. Analytical models are developed to find the multicast session establishment latency and handover latency for these two protocols. The average latency to perform mutual authentication of the software vendor and a vehicle, and to send the multicast session key by the software provider during multicast session initialization, and the handoff latency during multicast session is calculated. Analytical and simulation results show that the link establishment latency per vehicle of our proposed schemes is in the range of few seconds and the ST system requires few ms higher time than the FT system. The handoff latency is also in the range of few seconds and in some cases ST system requires less handoff time than the FT system. Thus, it is possible to build an efficient GKM protocol without putting too much trust on the BSs

Mcommerce - a vision in time

Global mCommerce revenues are expected to grow from $400 million in 2000, to 22.2 billion by 2005 (Raczkowski, 2002) mCommerce is a key driver in developing the global information society, with applications emerging in numerous areas including banking, financial services, security services and shopping (Khalifa and Cheng, 2002). With optimistic projections regarding its growth, many researchers are actively determining the future of mCommerce. In this paper, we have tried to synthesise some predictions and evolving definitions, explored security as a critical impediment and developing solutions; investigated the mPayment scenario; and derived a futuristic research framework. Specifically, we have attempted to capture the moving mCommerce scenario in present time, with a special focus into mPayments.<br /

Demystifying Wireless Technologies: Navigating Through The Wireless Technology Maze

A significant part of the growth in consumer-to-business electronic commerce is likely to originate from the increasing numbers of mobile computing devices and smart telephone devices. Most of the data from mobile computers will be carried over by emerging wireless networks. Many wireless technologies and standards are now available. As a result, it is becoming increasingly difficult for non-domain experts like managers, to sort through the maze of wireless technologies and standards to make business decisions involving these technologies. This article surveys existing and emerging wireless technologies and uses the Open System Interconnect (OSI) framework to organize the wireless landscape. The survey provides a quick reference to the entire spectrum of wireless technologies in use today

Security of Mobile Banking

Mobile banking is attractive because it is a convenient approach to perform remote banking, but there are security shortfalls in the present mobile banking implementations. This paper discusses some of these security shortfalls, such as security problems with GSM network, SMS/GPRS protocols and security problems with current banks’ mobile banking solutions. This paper discusses the SMS and GPRS proposed solutions for these problems. The results from these proposed solutions have proven to provide secure and economic communications between the mobile application and the bank servers.The proposed solutions allow the users to bank using secure SMS and GPRS